What is a safer encryption than PGP by email?

I’m looking for a way to encrypt emails, but isn’t there any better way? I heard that PGP is vulnerable, so I’m looking for a better alternative or not.

Email was never secure, however the vulnerability you are talking about is not in PGP itself, as stated by this article:

The vulnerability isn’t with PGP or S/MIME itself, but in the way they interact with modern e-mail programs. You can see this in the two suggested short-term mitigations: “No decryption in the e-mail client,” and “disable HTML rendering.”

So if you download your encrypted inbox and then decrypt it manually (maybe on an air-gaped PC), you are avoiding this “vulnerability”.

I am looking for a contact method that employs good encryption. Email is mainly PGP encryption, but PGP can not always change the algorithm. Signal that uses OTR needs to have a phone number. There is also Chat Secure that uses XMPP, but I have doubts that it uses secure encryption. Which method is the most secure and secure?

The Signal Messenger doesn’t use OTR but the Signal Protocol. Compared with e-mail and ChatSecure, it uses encryption by default while these other possibilities allow you to optionally use encryption.

However, again, there is no “most secure” messenger (as discussed in many other threads on this forum) since security depends on much more than only some technical features or encryption for data in transit. For instance, all messaging systems produce and need metadata. In case of messaging systems that heavily rely on server-side management (like e-mail or XMPP), servers get much more metadata in comparison with systems that use client-side management like Briar or Signal.

Again, a link to our article about “secure messengers” and the opinion of the EFF: https://infosec-handbook.eu/blog/discussion-secure/#sm

1 Like

What software do I use specifically to do?

OpenPGP Applet is a popular option if you use Linux.